Osirium (https://osirium.com) , announced today that its solution – Osirium USIM – now has the technical capabilities to solve a key problem faced by Local Government organisations trying to comply with the GCSx/PSN CoCo requirements.
Managing remote access by third party service providers and being able to govern when they access, which tasks they’re able to perform and on which devices, servers or applications has become increasingly complicated. Furthermore, the use of shared usernames and passwords render all privileged user activities anonymous, so any actions undertaken by third party privileged users are unidentifiable when it comes to auditing for CoCo compliance purposes.
This was a business issue that Richard Dawson, IT Services Manager at Bracknell Forest Borough Council was familiar with. Dawson says: “With more than 170 applications being supported by 150 third party managed service providers, it was a real struggle governing access. Osirium USIM has essentially now allowed us to determine when our service providers are given access, what they’re able to do and, most importantly, the system identifies to us the individuals who are then accountable.”
Osirium USIM for CoCo solves this problem by automatically creating unique personalised accounts for all privileged users accessing multi-vendor devices and servers, which also eliminates the use of ‘default’ accounts. Osirium can then govern when, and for how, long third party access is allowed as well as which tasks are authorised to be performed across the estate.
“If local authorities fail to take control over third party access they also risk failing a GCSx audit and having to re-direct time and resources to resolve the issue,” added David Guyatt, CEO at Osirium.
“Controlling and securing remote access of third party privileged users is just one of the key ways in which Osirium can help local government meet CoCo Compliance. We can also automate the provisioning, configuration and back-up of multi-vendor devices and run automated IT audits across the entire infrastructure to ensure continued compliance to CoCo requirements. This immediately removes a substantial headache for both IT departments and compliance officers alike.”